Hello
I have these in packages and cache dir
<Files *>
Order Deny,Allow
Deny from all
</Files>
Why those are in there? :)
you should have the same in your attachments dir (and any other dirs that you have in place below for primary web dir).
it stops people from being able to view your internal files if they try to specifically navigate to that directory by doing:
https://your-forum/attachments/ ... or ... https://your-forum/packages/
they should be denied and get a 403 error:
Forbidden
You don't have permission to access /attachments/ on this server
.
Ah, right. Thanks =)